<?xml version="1.0" encoding="ascii"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
          "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>oauth2client.crypt</title>
  <link rel="stylesheet" href="epydoc.css" type="text/css" />
  <script type="text/javascript" src="epydoc.js"></script>
</head>

<body bgcolor="white" text="black" link="blue" vlink="#204080"
      alink="#204080">
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0">
  <tr valign="top">
    <td width="100%">
      <span class="breadcrumbs">
        <a href="oauth2client-module.html">Package&nbsp;oauth2client</a> ::
        Module&nbsp;crypt
      </span>
    </td>
    <td>
      <table cellpadding="0" cellspacing="0">
        <!-- hide/show private -->
        <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
    onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
        <tr><td align="right"><span class="options"
            >[<a href="frames.html" target="_top">frames</a
            >]&nbsp;|&nbsp;<a href="oauth2client.crypt-pysrc.html"
            target="_top">no&nbsp;frames</a>]</span></td></tr>
      </table>
    </td>
  </tr>
</table>
<h1 class="epydoc">Source Code for <a href="oauth2client.crypt-module.html">Module oauth2client.crypt</a></h1>
<pre class="py-src">
<a name="L1"></a><tt class="py-lineno">  1</tt>  <tt class="py-line"><tt class="py-comment">#!/usr/bin/python2.4</tt> </tt>
<a name="L2"></a><tt class="py-lineno">  2</tt>  <tt class="py-line"><tt class="py-comment"># -*- coding: utf-8 -*-</tt> </tt>
<a name="L3"></a><tt class="py-lineno">  3</tt>  <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L4"></a><tt class="py-lineno">  4</tt>  <tt class="py-line"><tt class="py-comment"># Copyright (C) 2011 Google Inc.</tt> </tt>
<a name="L5"></a><tt class="py-lineno">  5</tt>  <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L6"></a><tt class="py-lineno">  6</tt>  <tt class="py-line"><tt class="py-comment"># Licensed under the Apache License, Version 2.0 (the "License");</tt> </tt>
<a name="L7"></a><tt class="py-lineno">  7</tt>  <tt class="py-line"><tt class="py-comment"># you may not use this file except in compliance with the License.</tt> </tt>
<a name="L8"></a><tt class="py-lineno">  8</tt>  <tt class="py-line"><tt class="py-comment"># You may obtain a copy of the License at</tt> </tt>
<a name="L9"></a><tt class="py-lineno">  9</tt>  <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L10"></a><tt class="py-lineno"> 10</tt>  <tt class="py-line"><tt class="py-comment">#      http://www.apache.org/licenses/LICENSE-2.0</tt> </tt>
<a name="L11"></a><tt class="py-lineno"> 11</tt>  <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L12"></a><tt class="py-lineno"> 12</tt>  <tt class="py-line"><tt class="py-comment"># Unless required by applicable law or agreed to in writing, software</tt> </tt>
<a name="L13"></a><tt class="py-lineno"> 13</tt>  <tt class="py-line"><tt class="py-comment"># distributed under the License is distributed on an "AS IS" BASIS,</tt> </tt>
<a name="L14"></a><tt class="py-lineno"> 14</tt>  <tt class="py-line"><tt class="py-comment"># WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</tt> </tt>
<a name="L15"></a><tt class="py-lineno"> 15</tt>  <tt class="py-line"><tt class="py-comment"># See the License for the specific language governing permissions and</tt> </tt>
<a name="L16"></a><tt class="py-lineno"> 16</tt>  <tt class="py-line"><tt class="py-comment"># limitations under the License.</tt> </tt>
<a name="L17"></a><tt class="py-lineno"> 17</tt>  <tt class="py-line"> </tt>
<a name="L18"></a><tt class="py-lineno"> 18</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">base64</tt> </tt>
<a name="L19"></a><tt class="py-lineno"> 19</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">hashlib</tt> </tt>
<a name="L20"></a><tt class="py-lineno"> 20</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">logging</tt> </tt>
<a name="L21"></a><tt class="py-lineno"> 21</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">time</tt> </tt>
<a name="L22"></a><tt class="py-lineno"> 22</tt>  <tt class="py-line"> </tt>
<a name="L23"></a><tt class="py-lineno"> 23</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-0" class="py-name" targets="Module oauth2client.anyjson=oauth2client.anyjson-module.html"><a title="oauth2client.anyjson" class="py-name" href="#" onclick="return doclink('link-0', 'anyjson', 'link-0');">anyjson</a></tt> <tt class="py-keyword">import</tt> <tt class="py-name">simplejson</tt> </tt>
<a name="L24"></a><tt class="py-lineno"> 24</tt>  <tt class="py-line"> </tt>
<a name="L25"></a><tt class="py-lineno"> 25</tt>  <tt class="py-line"> </tt>
<a name="L26"></a><tt class="py-lineno"> 26</tt>  <tt class="py-line"><tt id="link-1" class="py-name" targets="Variable oauth2client.crypt.CLOCK_SKEW_SECS=oauth2client.crypt-module.html#CLOCK_SKEW_SECS"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-1', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt>  <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
<a name="L27"></a><tt class="py-lineno"> 27</tt>  <tt class="py-line"><tt id="link-2" class="py-name" targets="Variable oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#AUTH_TOKEN_LIFETIME_SECS"><a title="oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-2', 'AUTH_TOKEN_LIFETIME_SECS', 'link-2');">AUTH_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt>  <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
<a name="L28"></a><tt class="py-lineno"> 28</tt>  <tt class="py-line"><tt id="link-3" class="py-name" targets="Variable oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS=oauth2client.client.SignedJwtAssertionCredentials-class.html#MAX_TOKEN_LIFETIME_SECS,Variable oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#MAX_TOKEN_LIFETIME_SECS"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-3', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">86400</tt>  <tt class="py-comment"># 1 day in seconds</tt> </tt>
<a name="L29"></a><tt class="py-lineno"> 29</tt>  <tt class="py-line"> </tt>
<a name="L30"></a><tt class="py-lineno"> 30</tt>  <tt class="py-line"> </tt>
<a name="L31"></a><tt class="py-lineno"> 31</tt>  <tt class="py-line"><tt id="link-4" class="py-name" targets="Variable apiclient.discovery.logger=apiclient.discovery-module.html#logger,Variable oauth2client.appengine.logger=oauth2client.appengine-module.html#logger,Variable oauth2client.client.logger=oauth2client.client-module.html#logger,Variable oauth2client.crypt.logger=oauth2client.crypt-module.html#logger,Variable oauth2client.gce.logger=oauth2client.gce-module.html#logger,Variable oauth2client.locked_file.logger=oauth2client.locked_file-module.html#logger,Variable oauth2client.multistore_file.logger=oauth2client.multistore_file-module.html#logger,Variable oauth2client.util.logger=oauth2client.util-module.html#logger"><a title="apiclient.discovery.logger
oauth2client.appengine.logger
oauth2client.client.logger
oauth2client.crypt.logger
oauth2client.gce.logger
oauth2client.locked_file.logger
oauth2client.multistore_file.logger
oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-4', 'logger', 'link-4');">logger</a></tt> <tt class="py-op">=</tt> <tt class="py-name">logging</tt><tt class="py-op">.</tt><tt class="py-name">getLogger</tt><tt class="py-op">(</tt><tt class="py-name">__name__</tt><tt class="py-op">)</tt> </tt>
<a name="AppIdentityError"></a><div id="AppIdentityError-def"><a name="L32"></a><tt class="py-lineno"> 32</tt>  <tt class="py-line"> </tt>
<a name="L33"></a><tt class="py-lineno"> 33</tt>  <tt class="py-line"> </tt>
<a name="L34"></a><tt class="py-lineno"> 34</tt> <a class="py-toggle" href="#" id="AppIdentityError-toggle" onclick="return toggle('AppIdentityError');">-</a><tt class="py-line"><tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.AppIdentityError-class.html">AppIdentityError</a><tt class="py-op">(</tt><tt class="py-base-class">Exception</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="AppIdentityError-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="AppIdentityError-expanded"><a name="L35"></a><tt class="py-lineno"> 35</tt>  <tt class="py-line">  <tt class="py-keyword">pass</tt> </tt>
</div><a name="L36"></a><tt class="py-lineno"> 36</tt>  <tt class="py-line"> </tt>
<a name="L37"></a><tt class="py-lineno"> 37</tt>  <tt class="py-line"> </tt>
<a name="L38"></a><tt class="py-lineno"> 38</tt>  <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L39"></a><tt class="py-lineno"> 39</tt>  <tt class="py-line">  <tt class="py-keyword">from</tt> <tt class="py-name">OpenSSL</tt> <tt class="py-keyword">import</tt> <tt class="py-name">crypto</tt> </tt>
<a name="OpenSSLVerifier"></a><div id="OpenSSLVerifier-def"><a name="L40"></a><tt class="py-lineno"> 40</tt>  <tt class="py-line"> </tt>
<a name="L41"></a><tt class="py-lineno"> 41</tt>  <tt class="py-line"> </tt>
<a name="L42"></a><tt class="py-lineno"> 42</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier-toggle" onclick="return toggle('OpenSSLVerifier');">-</a><tt class="py-line">  <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html">OpenSSLVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLVerifier-expanded"><a name="L43"></a><tt class="py-lineno"> 43</tt>  <tt class="py-line">    <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
<a name="L44"></a><tt class="py-lineno"> 44</tt>  <tt class="py-line"> </tt>
<a name="OpenSSLVerifier.__init__"></a><div id="OpenSSLVerifier.__init__-def"><a name="L45"></a><tt class="py-lineno"> 45</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.__init__-toggle" onclick="return toggle('OpenSSLVerifier.__init__');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.__init__-expanded"><a name="L46"></a><tt class="py-lineno"> 46</tt>  <tt class="py-line">      <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L47"></a><tt class="py-lineno"> 47</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L48"></a><tt class="py-lineno"> 48</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L49"></a><tt class="py-lineno"> 49</tt>  <tt class="py-line"><tt class="py-docstring">        pubkey, OpenSSL.crypto.PKey, The public key to verify with.</tt> </tt>
<a name="L50"></a><tt class="py-lineno"> 50</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L51"></a><tt class="py-lineno"> 51</tt>  <tt class="py-line">      <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
</div><a name="L52"></a><tt class="py-lineno"> 52</tt>  <tt class="py-line"> </tt>
<a name="OpenSSLVerifier.verify"></a><div id="OpenSSLVerifier.verify-def"><a name="L53"></a><tt class="py-lineno"> 53</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.verify-toggle" onclick="return toggle('OpenSSLVerifier.verify');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.verify-expanded"><a name="L54"></a><tt class="py-lineno"> 54</tt>  <tt class="py-line">      <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
<a name="L55"></a><tt class="py-lineno"> 55</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L56"></a><tt class="py-lineno"> 56</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L57"></a><tt class="py-lineno"> 57</tt>  <tt class="py-line"><tt class="py-docstring">        message: string, The message to verify.</tt> </tt>
<a name="L58"></a><tt class="py-lineno"> 58</tt>  <tt class="py-line"><tt class="py-docstring">        signature: string, The signature on the message.</tt> </tt>
<a name="L59"></a><tt class="py-lineno"> 59</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L60"></a><tt class="py-lineno"> 60</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L61"></a><tt class="py-lineno"> 61</tt>  <tt class="py-line"><tt class="py-docstring">        True if message was signed by the private key associated with the public</tt> </tt>
<a name="L62"></a><tt class="py-lineno"> 62</tt>  <tt class="py-line"><tt class="py-docstring">        key that this object was constructed with.</tt> </tt>
<a name="L63"></a><tt class="py-lineno"> 63</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L64"></a><tt class="py-lineno"> 64</tt>  <tt class="py-line">      <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L65"></a><tt class="py-lineno"> 65</tt>  <tt class="py-line">        <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt id="link-5" class="py-name" targets="Method apiclient.push.Subscription.verify()=apiclient.push.Subscription-class.html#verify"><a title="apiclient.push.Subscription.verify" class="py-name" href="#" onclick="return doclink('link-5', 'verify', 'link-5');">verify</a></tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
<a name="L66"></a><tt class="py-lineno"> 66</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
<a name="L67"></a><tt class="py-lineno"> 67</tt>  <tt class="py-line">      <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L68"></a><tt class="py-lineno"> 68</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L69"></a><tt class="py-lineno"> 69</tt>  <tt class="py-line"> </tt>
<a name="L70"></a><tt class="py-lineno"> 70</tt>  <tt class="py-line">    <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="OpenSSLVerifier.from_string"></a><div id="OpenSSLVerifier.from_string-def"><a name="L71"></a><tt class="py-lineno"> 71</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.from_string-toggle" onclick="return toggle('OpenSSLVerifier.from_string');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.from_string-expanded"><a name="L72"></a><tt class="py-lineno"> 72</tt>  <tt class="py-line">      <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
<a name="L73"></a><tt class="py-lineno"> 73</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L74"></a><tt class="py-lineno"> 74</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L75"></a><tt class="py-lineno"> 75</tt>  <tt class="py-line"><tt class="py-docstring">        key_pem: string, public key in PEM format.</tt> </tt>
<a name="L76"></a><tt class="py-lineno"> 76</tt>  <tt class="py-line"><tt class="py-docstring">        is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
<a name="L77"></a><tt class="py-lineno"> 77</tt>  <tt class="py-line"><tt class="py-docstring">          expected to be an RSA key in PEM format.</tt> </tt>
<a name="L78"></a><tt class="py-lineno"> 78</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L79"></a><tt class="py-lineno"> 79</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L80"></a><tt class="py-lineno"> 80</tt>  <tt class="py-line"><tt class="py-docstring">        Verifier instance.</tt> </tt>
<a name="L81"></a><tt class="py-lineno"> 81</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L82"></a><tt class="py-lineno"> 82</tt>  <tt class="py-line"><tt class="py-docstring">      Raises:</tt> </tt>
<a name="L83"></a><tt class="py-lineno"> 83</tt>  <tt class="py-line"><tt class="py-docstring">        OpenSSL.crypto.Error if the key_pem can't be parsed.</tt> </tt>
<a name="L84"></a><tt class="py-lineno"> 84</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L85"></a><tt class="py-lineno"> 85</tt>  <tt class="py-line">      <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
<a name="L86"></a><tt class="py-lineno"> 86</tt>  <tt class="py-line">        <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_certificate</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L87"></a><tt class="py-lineno"> 87</tt>  <tt class="py-line">      <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L88"></a><tt class="py-lineno"> 88</tt>  <tt class="py-line">        <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L89"></a><tt class="py-lineno"> 89</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt id="link-6" class="py-name" targets="Variable oauth2client.crypt.OpenSSLVerifier=oauth2client.crypt-module.html#OpenSSLVerifier"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-6', 'OpenSSLVerifier', 'link-6');">OpenSSLVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L90"></a><tt class="py-lineno"> 90</tt>  <tt class="py-line"> </tt>
<a name="OpenSSLSigner"></a><div id="OpenSSLSigner-def"><a name="L91"></a><tt class="py-lineno"> 91</tt>  <tt class="py-line"> </tt>
<a name="L92"></a><tt class="py-lineno"> 92</tt> <a class="py-toggle" href="#" id="OpenSSLSigner-toggle" onclick="return toggle('OpenSSLSigner');">-</a><tt class="py-line">  <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html">OpenSSLSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLSigner-expanded"><a name="L93"></a><tt class="py-lineno"> 93</tt>  <tt class="py-line">    <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
<a name="L94"></a><tt class="py-lineno"> 94</tt>  <tt class="py-line"> </tt>
<a name="OpenSSLSigner.__init__"></a><div id="OpenSSLSigner.__init__-def"><a name="L95"></a><tt class="py-lineno"> 95</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.__init__-toggle" onclick="return toggle('OpenSSLSigner.__init__');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.__init__-expanded"><a name="L96"></a><tt class="py-lineno"> 96</tt>  <tt class="py-line">      <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L97"></a><tt class="py-lineno"> 97</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L98"></a><tt class="py-lineno"> 98</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L99"></a><tt class="py-lineno"> 99</tt>  <tt class="py-line"><tt class="py-docstring">        pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
<a name="L100"></a><tt class="py-lineno">100</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L101"></a><tt class="py-lineno">101</tt>  <tt class="py-line">      <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
</div><a name="L102"></a><tt class="py-lineno">102</tt>  <tt class="py-line"> </tt>
<a name="OpenSSLSigner.sign"></a><div id="OpenSSLSigner.sign-def"><a name="L103"></a><tt class="py-lineno">103</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.sign-toggle" onclick="return toggle('OpenSSLSigner.sign');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.sign-expanded"><a name="L104"></a><tt class="py-lineno">104</tt>  <tt class="py-line">      <tt class="py-docstring">"""Signs a message.</tt> </tt>
<a name="L105"></a><tt class="py-lineno">105</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L106"></a><tt class="py-lineno">106</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L107"></a><tt class="py-lineno">107</tt>  <tt class="py-line"><tt class="py-docstring">        message: string, Message to be signed.</tt> </tt>
<a name="L108"></a><tt class="py-lineno">108</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L109"></a><tt class="py-lineno">109</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L110"></a><tt class="py-lineno">110</tt>  <tt class="py-line"><tt class="py-docstring">        string, The signature of the message for the given key.</tt> </tt>
<a name="L111"></a><tt class="py-lineno">111</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L112"></a><tt class="py-lineno">112</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
</div><a name="L113"></a><tt class="py-lineno">113</tt>  <tt class="py-line"> </tt>
<a name="L114"></a><tt class="py-lineno">114</tt>  <tt class="py-line">    <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="OpenSSLSigner.from_string"></a><div id="OpenSSLSigner.from_string-def"><a name="L115"></a><tt class="py-lineno">115</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.from_string-toggle" onclick="return toggle('OpenSSLSigner.from_string');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.from_string-expanded"><a name="L116"></a><tt class="py-lineno">116</tt>  <tt class="py-line">      <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
<a name="L117"></a><tt class="py-lineno">117</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L118"></a><tt class="py-lineno">118</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L119"></a><tt class="py-lineno">119</tt>  <tt class="py-line"><tt class="py-docstring">        key: string, private key in PKCS12 or PEM format.</tt> </tt>
<a name="L120"></a><tt class="py-lineno">120</tt>  <tt class="py-line"><tt class="py-docstring">        password: string, password for the private key file.</tt> </tt>
<a name="L121"></a><tt class="py-lineno">121</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L122"></a><tt class="py-lineno">122</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L123"></a><tt class="py-lineno">123</tt>  <tt class="py-line"><tt class="py-docstring">        Signer instance.</tt> </tt>
<a name="L124"></a><tt class="py-lineno">124</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L125"></a><tt class="py-lineno">125</tt>  <tt class="py-line"><tt class="py-docstring">      Raises:</tt> </tt>
<a name="L126"></a><tt class="py-lineno">126</tt>  <tt class="py-line"><tt class="py-docstring">        OpenSSL.crypto.Error if the key can't be parsed.</tt> </tt>
<a name="L127"></a><tt class="py-lineno">127</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L128"></a><tt class="py-lineno">128</tt>  <tt class="py-line">      <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L129"></a><tt class="py-lineno">129</tt>  <tt class="py-line">        <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
<a name="L130"></a><tt class="py-lineno">130</tt>  <tt class="py-line">      <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L131"></a><tt class="py-lineno">131</tt>  <tt class="py-line">        <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_pkcs12</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">password</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">get_privatekey</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L132"></a><tt class="py-lineno">132</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt id="link-7" class="py-name" targets="Variable oauth2client.crypt.OpenSSLSigner=oauth2client.crypt-module.html#OpenSSLSigner"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-7', 'OpenSSLSigner', 'link-7');">OpenSSLSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L133"></a><tt class="py-lineno">133</tt>  <tt class="py-line"> </tt>
<a name="L134"></a><tt class="py-lineno">134</tt>  <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
<a name="L135"></a><tt class="py-lineno">135</tt>  <tt class="py-line">  <tt id="link-8" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-8', 'OpenSSLVerifier', 'link-6');">OpenSSLVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L136"></a><tt class="py-lineno">136</tt>  <tt class="py-line">  <tt id="link-9" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-9', 'OpenSSLSigner', 'link-7');">OpenSSLSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L137"></a><tt class="py-lineno">137</tt>  <tt class="py-line"> </tt>
<a name="L138"></a><tt class="py-lineno">138</tt>  <tt class="py-line"> </tt>
<a name="L139"></a><tt class="py-lineno">139</tt>  <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L140"></a><tt class="py-lineno">140</tt>  <tt class="py-line">  <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">PublicKey</tt> <tt class="py-keyword">import</tt> <tt class="py-name">RSA</tt> </tt>
<a name="L141"></a><tt class="py-lineno">141</tt>  <tt class="py-line">  <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Hash</tt> <tt class="py-keyword">import</tt> <tt class="py-name">SHA256</tt> </tt>
<a name="L142"></a><tt class="py-lineno">142</tt>  <tt class="py-line">  <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Signature</tt> <tt class="py-keyword">import</tt> <tt class="py-name">PKCS1_v1_5</tt> </tt>
<a name="PyCryptoVerifier"></a><div id="PyCryptoVerifier-def"><a name="L143"></a><tt class="py-lineno">143</tt>  <tt class="py-line"> </tt>
<a name="L144"></a><tt class="py-lineno">144</tt>  <tt class="py-line"> </tt>
<a name="L145"></a><tt class="py-lineno">145</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier-toggle" onclick="return toggle('PyCryptoVerifier');">-</a><tt class="py-line">  <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html">PyCryptoVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoVerifier-expanded"><a name="L146"></a><tt class="py-lineno">146</tt>  <tt class="py-line">    <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
<a name="L147"></a><tt class="py-lineno">147</tt>  <tt class="py-line"> </tt>
<a name="PyCryptoVerifier.__init__"></a><div id="PyCryptoVerifier.__init__-def"><a name="L148"></a><tt class="py-lineno">148</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.__init__-toggle" onclick="return toggle('PyCryptoVerifier.__init__');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.__init__-expanded"><a name="L149"></a><tt class="py-lineno">149</tt>  <tt class="py-line">      <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L150"></a><tt class="py-lineno">150</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L151"></a><tt class="py-lineno">151</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L152"></a><tt class="py-lineno">152</tt>  <tt class="py-line"><tt class="py-docstring">        pubkey, OpenSSL.crypto.PKey (or equiv), The public key to verify with.</tt> </tt>
<a name="L153"></a><tt class="py-lineno">153</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L154"></a><tt class="py-lineno">154</tt>  <tt class="py-line">      <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
</div><a name="L155"></a><tt class="py-lineno">155</tt>  <tt class="py-line"> </tt>
<a name="PyCryptoVerifier.verify"></a><div id="PyCryptoVerifier.verify-def"><a name="L156"></a><tt class="py-lineno">156</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.verify-toggle" onclick="return toggle('PyCryptoVerifier.verify');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.verify-expanded"><a name="L157"></a><tt class="py-lineno">157</tt>  <tt class="py-line">      <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
<a name="L158"></a><tt class="py-lineno">158</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L159"></a><tt class="py-lineno">159</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L160"></a><tt class="py-lineno">160</tt>  <tt class="py-line"><tt class="py-docstring">        message: string, The message to verify.</tt> </tt>
<a name="L161"></a><tt class="py-lineno">161</tt>  <tt class="py-line"><tt class="py-docstring">        signature: string, The signature on the message.</tt> </tt>
<a name="L162"></a><tt class="py-lineno">162</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L163"></a><tt class="py-lineno">163</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L164"></a><tt class="py-lineno">164</tt>  <tt class="py-line"><tt class="py-docstring">        True if message was signed by the private key associated with the public</tt> </tt>
<a name="L165"></a><tt class="py-lineno">165</tt>  <tt class="py-line"><tt class="py-docstring">        key that this object was constructed with.</tt> </tt>
<a name="L166"></a><tt class="py-lineno">166</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L167"></a><tt class="py-lineno">167</tt>  <tt class="py-line">      <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L168"></a><tt class="py-lineno">168</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-10" class="py-name"><a title="apiclient.push.Subscription.verify" class="py-name" href="#" onclick="return doclink('link-10', 'verify', 'link-5');">verify</a></tt><tt class="py-op">(</tt> </tt>
<a name="L169"></a><tt class="py-lineno">169</tt>  <tt class="py-line">            <tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt> </tt>
<a name="L170"></a><tt class="py-lineno">170</tt>  <tt class="py-line">      <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L171"></a><tt class="py-lineno">171</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L172"></a><tt class="py-lineno">172</tt>  <tt class="py-line"> </tt>
<a name="L173"></a><tt class="py-lineno">173</tt>  <tt class="py-line">    <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="PyCryptoVerifier.from_string"></a><div id="PyCryptoVerifier.from_string-def"><a name="L174"></a><tt class="py-lineno">174</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.from_string-toggle" onclick="return toggle('PyCryptoVerifier.from_string');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.from_string-expanded"><a name="L175"></a><tt class="py-lineno">175</tt>  <tt class="py-line">      <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
<a name="L176"></a><tt class="py-lineno">176</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L177"></a><tt class="py-lineno">177</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L178"></a><tt class="py-lineno">178</tt>  <tt class="py-line"><tt class="py-docstring">        key_pem: string, public key in PEM format.</tt> </tt>
<a name="L179"></a><tt class="py-lineno">179</tt>  <tt class="py-line"><tt class="py-docstring">        is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
<a name="L180"></a><tt class="py-lineno">180</tt>  <tt class="py-line"><tt class="py-docstring">          expected to be an RSA key in PEM format.</tt> </tt>
<a name="L181"></a><tt class="py-lineno">181</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L182"></a><tt class="py-lineno">182</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L183"></a><tt class="py-lineno">183</tt>  <tt class="py-line"><tt class="py-docstring">        Verifier instance.</tt> </tt>
<a name="L184"></a><tt class="py-lineno">184</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L185"></a><tt class="py-lineno">185</tt>  <tt class="py-line"><tt class="py-docstring">      Raises:</tt> </tt>
<a name="L186"></a><tt class="py-lineno">186</tt>  <tt class="py-line"><tt class="py-docstring">        NotImplementedError if is_x509_cert is true.</tt> </tt>
<a name="L187"></a><tt class="py-lineno">187</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L188"></a><tt class="py-lineno">188</tt>  <tt class="py-line">      <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
<a name="L189"></a><tt class="py-lineno">189</tt>  <tt class="py-line">        <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
<a name="L190"></a><tt class="py-lineno">190</tt>  <tt class="py-line">            <tt class="py-string">'X509 certs are not supported by the PyCrypto library. '</tt> </tt>
<a name="L191"></a><tt class="py-lineno">191</tt>  <tt class="py-line">            <tt class="py-string">'Try using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
<a name="L192"></a><tt class="py-lineno">192</tt>  <tt class="py-line">      <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L193"></a><tt class="py-lineno">193</tt>  <tt class="py-line">        <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L194"></a><tt class="py-lineno">194</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt id="link-11" class="py-name" targets="Variable oauth2client.crypt.PyCryptoVerifier=oauth2client.crypt-module.html#PyCryptoVerifier"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-11', 'PyCryptoVerifier', 'link-11');">PyCryptoVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L195"></a><tt class="py-lineno">195</tt>  <tt class="py-line"> </tt>
<a name="PyCryptoSigner"></a><div id="PyCryptoSigner-def"><a name="L196"></a><tt class="py-lineno">196</tt>  <tt class="py-line"> </tt>
<a name="L197"></a><tt class="py-lineno">197</tt> <a class="py-toggle" href="#" id="PyCryptoSigner-toggle" onclick="return toggle('PyCryptoSigner');">-</a><tt class="py-line">  <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html">PyCryptoSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoSigner-expanded"><a name="L198"></a><tt class="py-lineno">198</tt>  <tt class="py-line">    <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
<a name="L199"></a><tt class="py-lineno">199</tt>  <tt class="py-line"> </tt>
<a name="PyCryptoSigner.__init__"></a><div id="PyCryptoSigner.__init__-def"><a name="L200"></a><tt class="py-lineno">200</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.__init__-toggle" onclick="return toggle('PyCryptoSigner.__init__');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.__init__-expanded"><a name="L201"></a><tt class="py-lineno">201</tt>  <tt class="py-line">      <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L202"></a><tt class="py-lineno">202</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L203"></a><tt class="py-lineno">203</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L204"></a><tt class="py-lineno">204</tt>  <tt class="py-line"><tt class="py-docstring">        pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
<a name="L205"></a><tt class="py-lineno">205</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L206"></a><tt class="py-lineno">206</tt>  <tt class="py-line">      <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
</div><a name="L207"></a><tt class="py-lineno">207</tt>  <tt class="py-line"> </tt>
<a name="PyCryptoSigner.sign"></a><div id="PyCryptoSigner.sign-def"><a name="L208"></a><tt class="py-lineno">208</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.sign-toggle" onclick="return toggle('PyCryptoSigner.sign');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.sign-expanded"><a name="L209"></a><tt class="py-lineno">209</tt>  <tt class="py-line">      <tt class="py-docstring">"""Signs a message.</tt> </tt>
<a name="L210"></a><tt class="py-lineno">210</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L211"></a><tt class="py-lineno">211</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L212"></a><tt class="py-lineno">212</tt>  <tt class="py-line"><tt class="py-docstring">        message: string, Message to be signed.</tt> </tt>
<a name="L213"></a><tt class="py-lineno">213</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L214"></a><tt class="py-lineno">214</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L215"></a><tt class="py-lineno">215</tt>  <tt class="py-line"><tt class="py-docstring">        string, The signature of the message for the given key.</tt> </tt>
<a name="L216"></a><tt class="py-lineno">216</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L217"></a><tt class="py-lineno">217</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
</div><a name="L218"></a><tt class="py-lineno">218</tt>  <tt class="py-line"> </tt>
<a name="L219"></a><tt class="py-lineno">219</tt>  <tt class="py-line">    <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="PyCryptoSigner.from_string"></a><div id="PyCryptoSigner.from_string-def"><a name="L220"></a><tt class="py-lineno">220</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.from_string-toggle" onclick="return toggle('PyCryptoSigner.from_string');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.from_string-expanded"><a name="L221"></a><tt class="py-lineno">221</tt>  <tt class="py-line">      <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
<a name="L222"></a><tt class="py-lineno">222</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L223"></a><tt class="py-lineno">223</tt>  <tt class="py-line"><tt class="py-docstring">      Args:</tt> </tt>
<a name="L224"></a><tt class="py-lineno">224</tt>  <tt class="py-line"><tt class="py-docstring">        key: string, private key in PEM format.</tt> </tt>
<a name="L225"></a><tt class="py-lineno">225</tt>  <tt class="py-line"><tt class="py-docstring">        password: string, password for private key file. Unused for PEM files.</tt> </tt>
<a name="L226"></a><tt class="py-lineno">226</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L227"></a><tt class="py-lineno">227</tt>  <tt class="py-line"><tt class="py-docstring">      Returns:</tt> </tt>
<a name="L228"></a><tt class="py-lineno">228</tt>  <tt class="py-line"><tt class="py-docstring">        Signer instance.</tt> </tt>
<a name="L229"></a><tt class="py-lineno">229</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L230"></a><tt class="py-lineno">230</tt>  <tt class="py-line"><tt class="py-docstring">      Raises:</tt> </tt>
<a name="L231"></a><tt class="py-lineno">231</tt>  <tt class="py-line"><tt class="py-docstring">        NotImplementedError if they key isn't in PEM format.</tt> </tt>
<a name="L232"></a><tt class="py-lineno">232</tt>  <tt class="py-line"><tt class="py-docstring">      """</tt> </tt>
<a name="L233"></a><tt class="py-lineno">233</tt>  <tt class="py-line">      <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L234"></a><tt class="py-lineno">234</tt>  <tt class="py-line">        <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
<a name="L235"></a><tt class="py-lineno">235</tt>  <tt class="py-line">      <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L236"></a><tt class="py-lineno">236</tt>  <tt class="py-line">        <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
<a name="L237"></a><tt class="py-lineno">237</tt>  <tt class="py-line">            <tt class="py-string">'PKCS12 format is not supported by the PyCrpto library. '</tt> </tt>
<a name="L238"></a><tt class="py-lineno">238</tt>  <tt class="py-line">            <tt class="py-string">'Try converting to a "PEM" '</tt> </tt>
<a name="L239"></a><tt class="py-lineno">239</tt>  <tt class="py-line">            <tt class="py-string">'(openssl pkcs12 -in xxxxx.p12 -nodes -nocerts &gt; privatekey.pem) '</tt> </tt>
<a name="L240"></a><tt class="py-lineno">240</tt>  <tt class="py-line">            <tt class="py-string">'or using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
<a name="L241"></a><tt class="py-lineno">241</tt>  <tt class="py-line">      <tt class="py-keyword">return</tt> <tt id="link-12" class="py-name" targets="Variable oauth2client.crypt.PyCryptoSigner=oauth2client.crypt-module.html#PyCryptoSigner"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-12', 'PyCryptoSigner', 'link-12');">PyCryptoSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L242"></a><tt class="py-lineno">242</tt>  <tt class="py-line"> </tt>
<a name="L243"></a><tt class="py-lineno">243</tt>  <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
<a name="L244"></a><tt class="py-lineno">244</tt>  <tt class="py-line">  <tt id="link-13" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-13', 'PyCryptoVerifier', 'link-11');">PyCryptoVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L245"></a><tt class="py-lineno">245</tt>  <tt class="py-line">  <tt id="link-14" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-14', 'PyCryptoSigner', 'link-12');">PyCryptoSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L246"></a><tt class="py-lineno">246</tt>  <tt class="py-line"> </tt>
<a name="L247"></a><tt class="py-lineno">247</tt>  <tt class="py-line"> </tt>
<a name="L248"></a><tt class="py-lineno">248</tt>  <tt class="py-line"><tt class="py-keyword">if</tt> <tt id="link-15" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-15', 'OpenSSLSigner', 'link-7');">OpenSSLSigner</a></tt><tt class="py-op">:</tt> </tt>
<a name="L249"></a><tt class="py-lineno">249</tt>  <tt class="py-line">  <tt id="link-16" class="py-name" targets="Variable oauth2client.crypt.Signer=oauth2client.crypt-module.html#Signer"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-16', 'Signer', 'link-16');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-17" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-17', 'OpenSSLSigner', 'link-7');">OpenSSLSigner</a></tt> </tt>
<a name="L250"></a><tt class="py-lineno">250</tt>  <tt class="py-line">  <tt id="link-18" class="py-name" targets="Variable oauth2client.crypt.Verifier=oauth2client.crypt-module.html#Verifier"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-18', 'Verifier', 'link-18');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-19" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-19', 'OpenSSLVerifier', 'link-6');">OpenSSLVerifier</a></tt> </tt>
<a name="L251"></a><tt class="py-lineno">251</tt>  <tt class="py-line"><tt class="py-keyword">elif</tt> <tt id="link-20" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-20', 'PyCryptoSigner', 'link-12');">PyCryptoSigner</a></tt><tt class="py-op">:</tt> </tt>
<a name="L252"></a><tt class="py-lineno">252</tt>  <tt class="py-line">  <tt id="link-21" class="py-name"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-21', 'Signer', 'link-16');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-22" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-22', 'PyCryptoSigner', 'link-12');">PyCryptoSigner</a></tt> </tt>
<a name="L253"></a><tt class="py-lineno">253</tt>  <tt class="py-line">  <tt id="link-23" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-23', 'Verifier', 'link-18');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-24" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-24', 'PyCryptoVerifier', 'link-11');">PyCryptoVerifier</a></tt> </tt>
<a name="L254"></a><tt class="py-lineno">254</tt>  <tt class="py-line"><tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L255"></a><tt class="py-lineno">255</tt>  <tt class="py-line">  <tt class="py-keyword">raise</tt> <tt class="py-name">ImportError</tt><tt class="py-op">(</tt><tt class="py-string">'No encryption library found. Please install either '</tt> </tt>
<a name="L256"></a><tt class="py-lineno">256</tt>  <tt class="py-line">                    <tt class="py-string">'PyOpenSSL, or PyCrypto 2.6 or later'</tt><tt class="py-op">)</tt> </tt>
<a name="_urlsafe_b64encode"></a><div id="_urlsafe_b64encode-def"><a name="L257"></a><tt class="py-lineno">257</tt>  <tt class="py-line"> </tt>
<a name="L258"></a><tt class="py-lineno">258</tt>  <tt class="py-line"> </tt>
<a name="L259"></a><tt class="py-lineno">259</tt> <a class="py-toggle" href="#" id="_urlsafe_b64encode-toggle" onclick="return toggle('_urlsafe_b64encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64encode">_urlsafe_b64encode</a><tt class="py-op">(</tt><tt class="py-param">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_urlsafe_b64encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64encode-expanded"><a name="L260"></a><tt class="py-lineno">260</tt>  <tt class="py-line">  <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64encode</tt><tt class="py-op">(</tt><tt class="py-name">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">rstrip</tt><tt class="py-op">(</tt><tt class="py-string">'='</tt><tt class="py-op">)</tt> </tt>
</div><a name="L261"></a><tt class="py-lineno">261</tt>  <tt class="py-line"> </tt>
<a name="_urlsafe_b64decode"></a><div id="_urlsafe_b64decode-def"><a name="L262"></a><tt class="py-lineno">262</tt>  <tt class="py-line"> </tt>
<a name="L263"></a><tt class="py-lineno">263</tt> <a class="py-toggle" href="#" id="_urlsafe_b64decode-toggle" onclick="return toggle('_urlsafe_b64decode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64decode">_urlsafe_b64decode</a><tt class="py-op">(</tt><tt class="py-param">b64string</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_urlsafe_b64decode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64decode-expanded"><a name="L264"></a><tt class="py-lineno">264</tt>  <tt class="py-line">  <tt class="py-comment"># Guard against unicode strings, which base64 can't handle.</tt> </tt>
<a name="L265"></a><tt class="py-lineno">265</tt>  <tt class="py-line">  <tt class="py-name">b64string</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt><tt class="py-op">.</tt><tt class="py-name">encode</tt><tt class="py-op">(</tt><tt class="py-string">'ascii'</tt><tt class="py-op">)</tt> </tt>
<a name="L266"></a><tt class="py-lineno">266</tt>  <tt class="py-line">  <tt class="py-name">padded</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt> <tt class="py-op">+</tt> <tt class="py-string">'='</tt> <tt class="py-op">*</tt> <tt class="py-op">(</tt><tt class="py-number">4</tt> <tt class="py-op">-</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">b64string</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> <tt class="py-number">4</tt><tt class="py-op">)</tt> </tt>
<a name="L267"></a><tt class="py-lineno">267</tt>  <tt class="py-line">  <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64decode</tt><tt class="py-op">(</tt><tt class="py-name">padded</tt><tt class="py-op">)</tt> </tt>
</div><a name="L268"></a><tt class="py-lineno">268</tt>  <tt class="py-line"> </tt>
<a name="_json_encode"></a><div id="_json_encode-def"><a name="L269"></a><tt class="py-lineno">269</tt>  <tt class="py-line"> </tt>
<a name="L270"></a><tt class="py-lineno">270</tt> <a class="py-toggle" href="#" id="_json_encode-toggle" onclick="return toggle('_json_encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_json_encode">_json_encode</a><tt class="py-op">(</tt><tt class="py-param">data</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_json_encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_json_encode-expanded"><a name="L271"></a><tt class="py-lineno">271</tt>  <tt class="py-line">  <tt class="py-keyword">return</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt class="py-name">dumps</tt><tt class="py-op">(</tt><tt class="py-name">data</tt><tt class="py-op">,</tt> <tt class="py-name">separators</tt> <tt class="py-op">=</tt> <tt class="py-op">(</tt><tt class="py-string">','</tt><tt class="py-op">,</tt> <tt class="py-string">':'</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
</div><a name="L272"></a><tt class="py-lineno">272</tt>  <tt class="py-line"> </tt>
<a name="make_signed_jwt"></a><div id="make_signed_jwt-def"><a name="L273"></a><tt class="py-lineno">273</tt>  <tt class="py-line"> </tt>
<a name="L274"></a><tt class="py-lineno">274</tt> <a class="py-toggle" href="#" id="make_signed_jwt-toggle" onclick="return toggle('make_signed_jwt');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#make_signed_jwt">make_signed_jwt</a><tt class="py-op">(</tt><tt class="py-param">signer</tt><tt class="py-op">,</tt> <tt class="py-param">payload</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="make_signed_jwt-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="make_signed_jwt-expanded"><a name="L275"></a><tt class="py-lineno">275</tt>  <tt class="py-line">  <tt class="py-docstring">"""Make a signed JWT.</tt> </tt>
<a name="L276"></a><tt class="py-lineno">276</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L277"></a><tt class="py-lineno">277</tt>  <tt class="py-line"><tt class="py-docstring">  See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
<a name="L278"></a><tt class="py-lineno">278</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L279"></a><tt class="py-lineno">279</tt>  <tt class="py-line"><tt class="py-docstring">  Args:</tt> </tt>
<a name="L280"></a><tt class="py-lineno">280</tt>  <tt class="py-line"><tt class="py-docstring">    signer: crypt.Signer, Cryptographic signer.</tt> </tt>
<a name="L281"></a><tt class="py-lineno">281</tt>  <tt class="py-line"><tt class="py-docstring">    payload: dict, Dictionary of data to convert to JSON and then sign.</tt> </tt>
<a name="L282"></a><tt class="py-lineno">282</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L283"></a><tt class="py-lineno">283</tt>  <tt class="py-line"><tt class="py-docstring">  Returns:</tt> </tt>
<a name="L284"></a><tt class="py-lineno">284</tt>  <tt class="py-line"><tt class="py-docstring">    string, The JWT for the payload.</tt> </tt>
<a name="L285"></a><tt class="py-lineno">285</tt>  <tt class="py-line"><tt class="py-docstring">  """</tt> </tt>
<a name="L286"></a><tt class="py-lineno">286</tt>  <tt class="py-line">  <tt class="py-name">header</tt> <tt class="py-op">=</tt> <tt class="py-op">{</tt><tt class="py-string">'typ'</tt><tt class="py-op">:</tt> <tt class="py-string">'JWT'</tt><tt class="py-op">,</tt> <tt class="py-string">'alg'</tt><tt class="py-op">:</tt> <tt class="py-string">'RS256'</tt><tt class="py-op">}</tt> </tt>
<a name="L287"></a><tt class="py-lineno">287</tt>  <tt class="py-line"> </tt>
<a name="L288"></a><tt class="py-lineno">288</tt>  <tt class="py-line">  <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-op">[</tt> </tt>
<a name="L289"></a><tt class="py-lineno">289</tt>  <tt class="py-line">          <tt id="link-25" class="py-name" targets="Function oauth2client.crypt._urlsafe_b64encode()=oauth2client.crypt-module.html#_urlsafe_b64encode"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-25', '_urlsafe_b64encode', 'link-25');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-26" class="py-name" targets="Function oauth2client.crypt._json_encode()=oauth2client.crypt-module.html#_json_encode"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-26', '_json_encode', 'link-26');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">header</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L290"></a><tt class="py-lineno">290</tt>  <tt class="py-line">          <tt id="link-27" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-27', '_urlsafe_b64encode', 'link-25');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-28" class="py-name"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-28', '_json_encode', 'link-26');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">payload</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L291"></a><tt class="py-lineno">291</tt>  <tt class="py-line">  <tt class="py-op">]</tt> </tt>
<a name="L292"></a><tt class="py-lineno">292</tt>  <tt class="py-line">  <tt class="py-name">signing_input</tt> <tt class="py-op">=</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
<a name="L293"></a><tt class="py-lineno">293</tt>  <tt class="py-line"> </tt>
<a name="L294"></a><tt class="py-lineno">294</tt>  <tt class="py-line">  <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt class="py-name">signer</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">signing_input</tt><tt class="py-op">)</tt> </tt>
<a name="L295"></a><tt class="py-lineno">295</tt>  <tt class="py-line">  <tt class="py-name">segments</tt><tt class="py-op">.</tt><tt class="py-name">append</tt><tt class="py-op">(</tt><tt id="link-29" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-29', '_urlsafe_b64encode', 'link-25');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L296"></a><tt class="py-lineno">296</tt>  <tt class="py-line"> </tt>
<a name="L297"></a><tt class="py-lineno">297</tt>  <tt class="py-line">  <tt id="link-30" class="py-name"><a title="apiclient.discovery.logger
oauth2client.appengine.logger
oauth2client.client.logger
oauth2client.crypt.logger
oauth2client.gce.logger
oauth2client.locked_file.logger
oauth2client.multistore_file.logger
oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-30', 'logger', 'link-4');">logger</a></tt><tt class="py-op">.</tt><tt class="py-name">debug</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L298"></a><tt class="py-lineno">298</tt>  <tt class="py-line"> </tt>
<a name="L299"></a><tt class="py-lineno">299</tt>  <tt class="py-line">  <tt class="py-keyword">return</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
</div><a name="L300"></a><tt class="py-lineno">300</tt>  <tt class="py-line"> </tt>
<a name="verify_signed_jwt_with_certs"></a><div id="verify_signed_jwt_with_certs-def"><a name="L301"></a><tt class="py-lineno">301</tt>  <tt class="py-line"> </tt>
<a name="L302"></a><tt class="py-lineno">302</tt> <a class="py-toggle" href="#" id="verify_signed_jwt_with_certs-toggle" onclick="return toggle('verify_signed_jwt_with_certs');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#verify_signed_jwt_with_certs">verify_signed_jwt_with_certs</a><tt class="py-op">(</tt><tt class="py-param">jwt</tt><tt class="py-op">,</tt> <tt class="py-param">certs</tt><tt class="py-op">,</tt> <tt class="py-param">audience</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="verify_signed_jwt_with_certs-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="verify_signed_jwt_with_certs-expanded"><a name="L303"></a><tt class="py-lineno">303</tt>  <tt class="py-line">  <tt class="py-docstring">"""Verify a JWT against public certs.</tt> </tt>
<a name="L304"></a><tt class="py-lineno">304</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L305"></a><tt class="py-lineno">305</tt>  <tt class="py-line"><tt class="py-docstring">  See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
<a name="L306"></a><tt class="py-lineno">306</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L307"></a><tt class="py-lineno">307</tt>  <tt class="py-line"><tt class="py-docstring">  Args:</tt> </tt>
<a name="L308"></a><tt class="py-lineno">308</tt>  <tt class="py-line"><tt class="py-docstring">    jwt: string, A JWT.</tt> </tt>
<a name="L309"></a><tt class="py-lineno">309</tt>  <tt class="py-line"><tt class="py-docstring">    certs: dict, Dictionary where values of public keys in PEM format.</tt> </tt>
<a name="L310"></a><tt class="py-lineno">310</tt>  <tt class="py-line"><tt class="py-docstring">    audience: string, The audience, 'aud', that this JWT should contain. If</tt> </tt>
<a name="L311"></a><tt class="py-lineno">311</tt>  <tt class="py-line"><tt class="py-docstring">      None then the JWT's 'aud' parameter is not verified.</tt> </tt>
<a name="L312"></a><tt class="py-lineno">312</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L313"></a><tt class="py-lineno">313</tt>  <tt class="py-line"><tt class="py-docstring">  Returns:</tt> </tt>
<a name="L314"></a><tt class="py-lineno">314</tt>  <tt class="py-line"><tt class="py-docstring">    dict, The deserialized JSON payload in the JWT.</tt> </tt>
<a name="L315"></a><tt class="py-lineno">315</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L316"></a><tt class="py-lineno">316</tt>  <tt class="py-line"><tt class="py-docstring">  Raises:</tt> </tt>
<a name="L317"></a><tt class="py-lineno">317</tt>  <tt class="py-line"><tt class="py-docstring">    AppIdentityError if any checks are failed.</tt> </tt>
<a name="L318"></a><tt class="py-lineno">318</tt>  <tt class="py-line"><tt class="py-docstring">  """</tt> </tt>
<a name="L319"></a><tt class="py-lineno">319</tt>  <tt class="py-line">  <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-name">jwt</tt><tt class="py-op">.</tt><tt class="py-name">split</tt><tt class="py-op">(</tt><tt class="py-string">'.'</tt><tt class="py-op">)</tt> </tt>
<a name="L320"></a><tt class="py-lineno">320</tt>  <tt class="py-line"> </tt>
<a name="L321"></a><tt class="py-lineno">321</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> <tt class="py-op">!=</tt> <tt class="py-number">3</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L322"></a><tt class="py-lineno">322</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-31" class="py-name" targets="Class oauth2client.crypt.AppIdentityError=oauth2client.crypt.AppIdentityError-class.html"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-31', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
<a name="L323"></a><tt class="py-lineno">323</tt>  <tt class="py-line">      <tt class="py-string">'Wrong number of segments in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
<a name="L324"></a><tt class="py-lineno">324</tt>  <tt class="py-line">  <tt class="py-name">signed</tt> <tt class="py-op">=</tt> <tt class="py-string">'%s.%s'</tt> <tt class="py-op">%</tt> <tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">0</tt><tt class="py-op">]</tt><tt class="py-op">,</tt> <tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L325"></a><tt class="py-lineno">325</tt>  <tt class="py-line"> </tt>
<a name="L326"></a><tt class="py-lineno">326</tt>  <tt class="py-line">  <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt id="link-32" class="py-name" targets="Function oauth2client.client._urlsafe_b64decode()=oauth2client.client-module.html#_urlsafe_b64decode,Function oauth2client.crypt._urlsafe_b64decode()=oauth2client.crypt-module.html#_urlsafe_b64decode"><a title="oauth2client.client._urlsafe_b64decode
oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-32', '_urlsafe_b64decode', 'link-32');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">2</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L327"></a><tt class="py-lineno">327</tt>  <tt class="py-line"> </tt>
<a name="L328"></a><tt class="py-lineno">328</tt>  <tt class="py-line">  <tt class="py-comment"># Parse token.</tt> </tt>
<a name="L329"></a><tt class="py-lineno">329</tt>  <tt class="py-line">  <tt class="py-name">json_body</tt> <tt class="py-op">=</tt> <tt id="link-33" class="py-name"><a title="oauth2client.client._urlsafe_b64decode
oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-33', '_urlsafe_b64decode', 'link-32');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L330"></a><tt class="py-lineno">330</tt>  <tt class="py-line">  <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L331"></a><tt class="py-lineno">331</tt>  <tt class="py-line">    <tt class="py-name">parsed</tt> <tt class="py-op">=</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt id="link-34" class="py-name" targets="Function oauth2client.clientsecrets.loads()=oauth2client.clientsecrets-module.html#loads"><a title="oauth2client.clientsecrets.loads" class="py-name" href="#" onclick="return doclink('link-34', 'loads', 'link-34');">loads</a></tt><tt class="py-op">(</tt><tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L332"></a><tt class="py-lineno">332</tt>  <tt class="py-line">  <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L333"></a><tt class="py-lineno">333</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-35" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-35', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Can\'t parse token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L334"></a><tt class="py-lineno">334</tt>  <tt class="py-line"> </tt>
<a name="L335"></a><tt class="py-lineno">335</tt>  <tt class="py-line">  <tt class="py-comment"># Check signature.</tt> </tt>
<a name="L336"></a><tt class="py-lineno">336</tt>  <tt class="py-line">  <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">False</tt> </tt>
<a name="L337"></a><tt class="py-lineno">337</tt>  <tt class="py-line">  <tt class="py-keyword">for</tt> <tt class="py-op">(</tt><tt class="py-name">keyname</tt><tt class="py-op">,</tt> <tt class="py-name">pem</tt><tt class="py-op">)</tt> <tt class="py-keyword">in</tt> <tt class="py-name">certs</tt><tt class="py-op">.</tt><tt id="link-36" class="py-name" targets="Method apiclient.push.Headers.items()=apiclient.push.Headers-class.html#items"><a title="apiclient.push.Headers.items" class="py-name" href="#" onclick="return doclink('link-36', 'items', 'link-36');">items</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L338"></a><tt class="py-lineno">338</tt>  <tt class="py-line">    <tt class="py-name">verifier</tt> <tt class="py-op">=</tt> <tt id="link-37" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-37', 'Verifier', 'link-18');">Verifier</a></tt><tt class="py-op">.</tt><tt class="py-name">from_string</tt><tt class="py-op">(</tt><tt class="py-name">pem</tt><tt class="py-op">,</tt> <tt class="py-name">True</tt><tt class="py-op">)</tt> </tt>
<a name="L339"></a><tt class="py-lineno">339</tt>  <tt class="py-line">    <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">verifier</tt><tt class="py-op">.</tt><tt id="link-38" class="py-name"><a title="apiclient.push.Subscription.verify" class="py-name" href="#" onclick="return doclink('link-38', 'verify', 'link-5');">verify</a></tt><tt class="py-op">(</tt><tt class="py-name">signed</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L340"></a><tt class="py-lineno">340</tt>  <tt class="py-line">      <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">True</tt> </tt>
<a name="L341"></a><tt class="py-lineno">341</tt>  <tt class="py-line">      <tt class="py-keyword">break</tt> </tt>
<a name="L342"></a><tt class="py-lineno">342</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt class="py-name">verified</tt><tt class="py-op">:</tt> </tt>
<a name="L343"></a><tt class="py-lineno">343</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-39" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-39', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Invalid token signature: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
<a name="L344"></a><tt class="py-lineno">344</tt>  <tt class="py-line"> </tt>
<a name="L345"></a><tt class="py-lineno">345</tt>  <tt class="py-line">  <tt class="py-comment"># Check creation timestamp.</tt> </tt>
<a name="L346"></a><tt class="py-lineno">346</tt>  <tt class="py-line">  <tt class="py-name">iat</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-40" class="py-name" targets="Method apiclient.schema.Schemas.get()=apiclient.schema.Schemas-class.html#get,Method oauth2client.client.MemoryCache.get()=oauth2client.client.MemoryCache-class.html#get,Method oauth2client.client.Storage.get()=oauth2client.client.Storage-class.html#get"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-40', 'get', 'link-40');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'iat'</tt><tt class="py-op">)</tt> </tt>
<a name="L347"></a><tt class="py-lineno">347</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">iat</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L348"></a><tt class="py-lineno">348</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-41" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-41', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No iat field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L349"></a><tt class="py-lineno">349</tt>  <tt class="py-line">  <tt class="py-name">earliest</tt> <tt class="py-op">=</tt> <tt class="py-name">iat</tt> <tt class="py-op">-</tt> <tt id="link-42" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-42', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
<a name="L350"></a><tt class="py-lineno">350</tt>  <tt class="py-line"> </tt>
<a name="L351"></a><tt class="py-lineno">351</tt>  <tt class="py-line">  <tt class="py-comment"># Check expiration timestamp.</tt> </tt>
<a name="L352"></a><tt class="py-lineno">352</tt>  <tt class="py-line">  <tt class="py-name">now</tt> <tt class="py-op">=</tt> <tt class="py-name">long</tt><tt class="py-op">(</tt><tt class="py-name">time</tt><tt class="py-op">.</tt><tt class="py-name">time</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L353"></a><tt class="py-lineno">353</tt>  <tt class="py-line">  <tt class="py-name">exp</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-43" class="py-name"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-43', 'get', 'link-40');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'exp'</tt><tt class="py-op">)</tt> </tt>
<a name="L354"></a><tt class="py-lineno">354</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L355"></a><tt class="py-lineno">355</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-44" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-44', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No exp field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L356"></a><tt class="py-lineno">356</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-op">&gt;=</tt> <tt class="py-name">now</tt> <tt class="py-op">+</tt> <tt id="link-45" class="py-name"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-45', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt><tt class="py-op">:</tt> </tt>
<a name="L357"></a><tt class="py-lineno">357</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-46" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-46', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
<a name="L358"></a><tt class="py-lineno">358</tt>  <tt class="py-line">      <tt class="py-string">'exp field too far in future: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L359"></a><tt class="py-lineno">359</tt>  <tt class="py-line">  <tt class="py-name">latest</tt> <tt class="py-op">=</tt> <tt class="py-name">exp</tt> <tt class="py-op">+</tt> <tt id="link-47" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-47', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
<a name="L360"></a><tt class="py-lineno">360</tt>  <tt class="py-line"> </tt>
<a name="L361"></a><tt class="py-lineno">361</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&lt;</tt> <tt class="py-name">earliest</tt><tt class="py-op">:</tt> </tt>
<a name="L362"></a><tt class="py-lineno">362</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-48" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-48', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too early, %d &lt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L363"></a><tt class="py-lineno">363</tt>  <tt class="py-line">      <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">earliest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L364"></a><tt class="py-lineno">364</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&gt;</tt> <tt class="py-name">latest</tt><tt class="py-op">:</tt> </tt>
<a name="L365"></a><tt class="py-lineno">365</tt>  <tt class="py-line">    <tt class="py-keyword">raise</tt> <tt id="link-49" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-49', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too late, %d &gt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L366"></a><tt class="py-lineno">366</tt>  <tt class="py-line">      <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">latest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L367"></a><tt class="py-lineno">367</tt>  <tt class="py-line"> </tt>
<a name="L368"></a><tt class="py-lineno">368</tt>  <tt class="py-line">  <tt class="py-comment"># Check audience.</tt> </tt>
<a name="L369"></a><tt class="py-lineno">369</tt>  <tt class="py-line">  <tt class="py-keyword">if</tt> <tt class="py-name">audience</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L370"></a><tt class="py-lineno">370</tt>  <tt class="py-line">    <tt class="py-name">aud</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-50" class="py-name"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-50', 'get', 'link-40');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'aud'</tt><tt class="py-op">)</tt> </tt>
<a name="L371"></a><tt class="py-lineno">371</tt>  <tt class="py-line">    <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L372"></a><tt class="py-lineno">372</tt>  <tt class="py-line">      <tt class="py-keyword">raise</tt> <tt id="link-51" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-51', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No aud field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L373"></a><tt class="py-lineno">373</tt>  <tt class="py-line">    <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-op">!=</tt> <tt class="py-name">audience</tt><tt class="py-op">:</tt> </tt>
<a name="L374"></a><tt class="py-lineno">374</tt>  <tt class="py-line">      <tt class="py-keyword">raise</tt> <tt id="link-52" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-52', 'AppIdentityError', 'link-31');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Wrong recipient, %s != %s: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L375"></a><tt class="py-lineno">375</tt>  <tt class="py-line">          <tt class="py-op">(</tt><tt class="py-name">aud</tt><tt class="py-op">,</tt> <tt class="py-name">audience</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L376"></a><tt class="py-lineno">376</tt>  <tt class="py-line"> </tt>
<a name="L377"></a><tt class="py-lineno">377</tt>  <tt class="py-line">  <tt class="py-keyword">return</tt> <tt class="py-name">parsed</tt> </tt>
</div><a name="L378"></a><tt class="py-lineno">378</tt>  <tt class="py-line"> </tt><script type="text/javascript">
<!--
expandto(location.href);
// -->
</script>
</pre>
<br />
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="100%%">
  <tr>
    <td align="left" class="footer">
    Generated by Epydoc 3.0.1 on Thu Mar  7 10:31:26 2013
    </td>
    <td align="right" class="footer">
      <a target="mainFrame" href="http://epydoc.sourceforge.net"
        >http://epydoc.sourceforge.net</a>
    </td>
  </tr>
</table>

<script type="text/javascript">
  <!--
  // Private objects are initially displayed (because if
  // javascript is turned off then we want them to be
  // visible); but by default, we want to hide them.  So hide
  // them unless we have a cookie that says to show them.
  checkCookie();
  // -->
</script>
</body>
</html>
